Someone you follow had their account hijacked

When you receive one of these tweets or DMs, it is from a hijacked account. This is NOT regular spam. You should let the person know they have been hijacked, and that their account is sending out messages without their knowledge.

What to watch out for

You must read the URL in your browser before logging into Twitter.com. There are many variations of fake URLs such as “tvviter.com” or “ltwitter/twitter-login” and many more.

Do not be fooled by a page that looks exactly like Twitter.com. The page will look normal, except for the URL. If it doesn’t say //Twitter.com at the beginning of the URL, it is NOT Twitter.com! While your browser will make the top of the page look slightly different from mine (you may have icons and bookmarks or favorites, for example), the URL is what counts.

Here are the only two kinds of pages that are real. Look closely at the URL. Both have //twitter.com at the beginning:

If you were logged into Twitter.com, and suddenly find yourself logged out, watch out! You are probably still logged in and have just reached a fake phishing page trying to steal your password.